Using Analog Side Channels to Attack Cryptographic Implementations

  • Chapter
Understanding Analog Side Channels Using Cryptography Algorithms

Abstract

This chapter overviews analog side-channel attacks on recent implementations of the two most popular public-key cryptography approaches, RSA and elliptic-curve (EC) cryptography. It demonstrates that attacks that use analog side channels succeed even against state-of-the-art constant-time cryptographic implementations, and that the vulnerabilities that allow such attacks to succeed can be mitigated by understanding the relationship between program activity and analog side-channel signals, and then using that understanding to carefully design the program code for private-key cryptographic operations.
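As a worked illustration of the abstract's point, added here and not code from the chapter: a Python toy model in which the "analog signal" is reduced to a trace of (operation, register) events emitted by the exponentiation loop. That trace model, the two attacker models A and B, and the sample modulus and exponent are assumptions made for illustration, not measurements or code from the chapter. The model shows why "constant-time" is not the same as "constant activity": a branch-free Montgomery ladder that still selects registers by key bit leaks the exponent through operand identity (which location is read), while a ladder whose conditional swap is arithmetic produces identical events for every bit.

```python
"""Toy model of analog side-channel leakage from program activity.

Added example, not code from the chapter. The signal is modelled as a trace
of (operation, register-index) events; this is an assumption for
illustration. Real EM/power signals also depend on the data values being
processed, which this model deliberately ignores.
"""
from typing import List, Tuple

Trace = List[Tuple[str, int]]  # (operation name, index of the register it squares or writes)


def square_multiply(base: int, exp: int, mod: int, trace: Trace) -> int:
    """Left-to-right square-and-multiply: a multiply happens only for 1 bits,
    so the sequence of operations *is* the exponent."""
    r = 1
    for bit in bin(exp)[2:]:
        r = r * r % mod
        trace.append(("sqr", 0))
        if bit == "1":
            r = r * base % mod
            trace.append(("mul", 0))
    return r


def montgomery_ladder(base: int, exp: int, mod: int, trace: Trace) -> int:
    """Montgomery ladder: every bit costs one multiply and one square, with no
    key-dependent branch, but the key bit selects *which* register each
    operation reads and writes, i.e. which address is touched."""
    R = [1, base % mod]
    for bit in bin(exp)[2:]:
        b = int(bit)
        R[1 - b] = R[1 - b] * R[b] % mod
        trace.append(("mul", 1 - b))
        R[b] = R[b] * R[b] % mod
        trace.append(("sqr", b))
    return R[0]


def ladder_cswap(base: int, exp: int, mod: int, trace: Trace) -> int:
    """Ladder with an arithmetic conditional swap: register identities never
    change, so every bit produces the same (operation, register) events."""
    r0, r1 = 1, base % mod
    for bit in bin(exp)[2:]:
        mask = -int(bit)              # 0 or all-ones, derived without a branch
        t = (r0 ^ r1) & mask          # swap r0/r1 iff bit == 1
        r0, r1 = r0 ^ t, r1 ^ t
        trace.append(("cswap", 0))
        r1 = r0 * r1 % mod
        trace.append(("mul", 1))
        r0 = r0 * r0 % mod
        trace.append(("sqr", 0))
        t = (r0 ^ r1) & mask          # swap back
        r0, r1 = r0 ^ t, r1 ^ t
        trace.append(("cswap", 0))
    return r0


def bits_from_op_sequence(trace: Trace) -> List[int]:
    """Attacker model A: the signal distinguishes 'sqr' from 'mul'.
    A multiply immediately after a square means that bit was 1."""
    ops = [op for op, _ in trace]
    bits, i = [], 0
    while i < len(ops):
        if ops[i] == "sqr":
            if i + 1 < len(ops) and ops[i + 1] == "mul":
                bits.append(1)
                i += 2
                continue
            bits.append(0)
        i += 1
    return bits


def bits_from_sqr_operand(trace: Trace) -> List[int]:
    """Attacker model B: the signal reveals which register a squaring reads
    (a different location gives a different signal)."""
    return [reg for op, reg in trace if op == "sqr"]


def bits_to_int(bits: List[int]) -> int:
    v = 0
    for b in bits:
        v = (v << 1) | b
    return v


# Constructed sample input (not from the chapter): a small prime modulus and a
# 10-bit "private exponent" so the traces are short enough to inspect by eye.
MOD, BASE, EXP = 1_000_003, 12_345, 0b1011001101


def demo() -> dict:
    """Run all three implementations and both attacker models on each trace."""
    results = {}
    for name, fn in (("square_multiply", square_multiply),
                     ("montgomery_ladder", montgomery_ladder),
                     ("ladder_cswap", ladder_cswap)):
        trace: Trace = []
        out = fn(BASE, EXP, MOD, trace)
        results[name] = {
            "correct": out == pow(BASE, EXP, MOD),
            "model_A": bits_to_int(bits_from_op_sequence(trace)),
            "model_B": bits_to_int(bits_from_sqr_operand(trace)),
        }
    return results


if __name__ == "__main__":
    for name, r in demo().items():
        print(f"{name:18s} correct={r['correct']} "
              f"modelA={r['model_A']:#012b} modelB={r['model_B']:#012b} "
              f"(true exponent {EXP:#012b})")
```

Model A recovers the exponent from the plain square-and-multiply loop and fails against both ladders; model B recovers it from the index-selected ladder, which is branch-free and constant-time, and sees nothing from the cswap version. The model stops at operand identity: a real analog attack also sees the values flowing through the multiplier, so regularising activity is necessary but not sufficient on its own.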

Notes

  1. The OLinuXino boards are much less expensive than the phones, so we could easily obtain a number of OLinuXino boards.

  2. For now, we ignore Lines 12–17 in Fig. 13.25, which perform no operations on any of the values but are needed for reasons that will be discussed later in this section.

Author information

Correspondence to Alenka Zajic or Milos Prvulovic.

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter

Cite this chapter

Zajic, A., Prvulovic, M. (2023). Using Analog Side Channels to Attack Cryptographic Implementations. In: Understanding Analog Side Channels Using Cryptography Algorithms. Springer, Cham. https://doi.org/10.1007/978-3-031-38579-7_13

  • DOI: https://doi.org/10.1007/978-3-031-38579-7_13

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-38578-0

  • Online ISBN: 978-3-031-38579-7

  • eBook Packages: Computer Science, Computer Science (R0)
